Blog¶

Stay Calm and SLSA: Generating SLSA Provenance for Your Artifacts with GoReleaser and slsa-github-generator

In an age where software is at the heart of nearly every aspect of our lives, software supply chain security has become paramount. It involves a series of measures and practices aimed at ensuring the reliability and safety of the software we use daily. As cyber threats continue to evolve, the need for robust software supply chain security has never been greater. Organizations must take steps to protect their software development and distribution processes from potential vulnerabilities and attacks.

Version strategy and release cadence: the future

A couple of weeks ago, I got a couple of complaints about the way GoReleaser is being versioned - more precisely, the fact that deprecated options are removed in minor instead of major versions.

Those complaints are valid, and today I'm announcing how I plan to move forward.

Announcing GoReleaser v1.21 - mostly bug fixes

A boring release, mostly bug fixes. Boring is good.

Welcome to our new blog

We are in the process of migrating our blog from Medium to here.

Announcing GoReleaser v1.20 — a quality-of-life release

A little over 100 commits in small-ish quality-of-life improvements.

Announcing GoReleaser v1.19 — the big release

Almost 200 commits adding Nix, Winget, and much more...

Announcing GoReleaser v1.18 — the maintainers month release

May is the maintainers month, so I would first like to thank all the maintainers out there for the hard work, you rock!

Announcing GoReleaser v1.17 — the late Easter release

The Easter release is here!

Announcing GoReleaser v1.16 — the late February release

The February release got a little late... better later than even later, I guess! 😄

Fast and Furious Building OCI compatible Container Images with GoReleaser and ko

GoReleaser and ko are popular open-source, well-recognized projects, especially in the containerization and open-source ecosystem for Go applications. Many people use these projects for their Go applications because they are pretty straightforward and CI-friendly tools that make your releasing artifacts (binary and container image) process super elegant, which also helps you focus more on developing the business logic rather than planning to release software type of works.